Have you uninstalled Java yet?

Tools

It has been barely week since we reported on a Java exploit being circulated in the wild, and now a new Java exploit is being offered for sale. What's even more disconcerting is the fact that this came barely 24 hours after Oracle (NASDAQ: ORCL) issued a security patch for the earlier exploit--one which is already being called a less than complete resolution by some.

Java's poor track record begs the question, which I'm sure has been asked in many IT departments during these last two weeks, should Java be removed?

This is the wrong question to ask though. Enterprises should instead be asking themselves: Why shouldn't Java be removed?

You see, while I don't doubt the usefulness of Java, it is probably deployed more on servers than as a means to create cross-platform apps on desktops. This means that enterprises may find uninstalling Java to be far less disruptive than they realize. So, instead of anxiously waiting for patches to trickle in from Oracle, why not just remove Java entirely?

Of course, uninstalling Java is hardly the only option available to administrators. As an alternative, disabling Java from company browsers offers a similar level of protection too. So, have you uninstalled or disabled Java in your browser yet? - Paul Mah  (Twitter @paulmah)

Filed Under